content/browser/loader/cross_site_document_resource_handler.cc · 481b725079c7b7be2782c68f3ee3de0736098c00 · eriksson monteiro / tangled

Do not block cross-site Flash requests in Site Isolation modes. · 481b7250

Charles Reis authored Dec 12, 2017

Flash requests can be distinguished by the lack of CORS, and they should
be allowed since Flash has its own cross-domain policy.  It is also
click-to-play, making this somewhat safer to allow.

TBR=nick@chromium.org
BUG=793953
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_site_isolation

Change-Id: I0b191e0093cc5133a9d5421b1294e4bb91e64b6c
Reviewed-on: https://chromium-review.googlesource.com/817661
Commit-Queue: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Charlie Harrison <csharrison@chromium.org>
Cr-Commit-Position: refs/heads/master@{#523330}

481b7250

cross_site_document_resource_handler.cc 17.1 KB

Replace cross_site_document_resource_handler.cc